Oscar, Nick - thanks for your responses.

>I did, obviously. It worked for me.
 ^^^^^^^^^^^^^^^^^^^^^^^^^^
How did you add the cert to the Keychain and to which Keychain did you add it to? I tried adding it (in pem format) to various Keychains via Keychain Access to no avail.

>If this site is a Web site, one other thing you could try is visiting the site in Safari. You'll see a security panel indicating that the site's certificate is not trusted. Check the >"always trust" check box and proceed. Safari ought to save the certificate in the keychain and set the permissions correctly.

I expected this behavior too, but Safari simply keeps saying "Safari can't establish a secure connection to the server xxx"
After adding the cert to the Keychain(s), I figured I should be able to access the site via Safari, and thus communicate with it via libcurl (so Safari access was my litmus test). I was able to access the site via Firefox though (from the same Mac); as expected, the security warning showed up in Firefox and I could get to the site after accepting the cert. I could then see the cert in FF's list, but not in any of the Keychains... Guessing FF maintains its own store and doesn't use Keychains?

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-08-20